GRC Viewpoint

NVISO: STAYING AHEAD OF THE LATEST TRENDS IN THE PENETRATION INDUSTRY

TIM BEYENS

Director, NVISO

“We enable continuous validation of environment. The team at NVISO is trained completely on the latest trends in penetration testing. A certificate is necessary for all the team members at NVISO before joining client projects. There is immense research on innovative attack techniques incorporated in our testing guides. Reports created are shared with third parties”

The top independent producer of goods for industrial communication, HMS Networks, has a product brand called Ewon. Ewon is a business unit that has its headquarters in Nivelles, Belgium. HMS Ewon was receiving questions from its suppliers on how security was tackled within the product development. The firm chose NVISO security as the ideal solution provider. NVISO delivered holistic penetration tests, tackling IOT/ Hardware and SAAS components besides general IT infrastructure. NVISO conducted a series of penetration tests as the first step. Later, the firm conducted another round of penetration tests on product developments. Further, the capability of the tests was extended to other products by HMS Ewon.

NVISO is a Belgium headquartered cyber security firm. The enterprise has offices in Greece, Vienna, and Germany. The NVISO solutions find applicability across different domains. The firm derives its strength from experience in working with international enterprises based in Europe. “We have a large team equipped with the ability to execute and deliver high-level solutions. NVISO extends expertise in the ability to integrate within the development teams to focus on the changes being made inside the applications. There are offerings designed on breach and attack simulations that deal with the constant challenges in an automated fashion,” says Tim Beyens, Partner NVISO.

THE WAY WE FUNCTION

On a strategic level, NVISO conducts a root cause analysis on penetration testing results observed. Further, the team makes consistent efforts to ensure that the present maturity level can be increased further. On a tactical level, NVISO also organizes contact points every month to review customer demands. We also enable our clients to request new tests via on-demand questionnaires. “Also, all communications run via our consumer portal and interactive web application that allow our clients to follow up on the penetration status. The other functionality that we enable is reviewing identified vulnerabilities in real time. The need to wait for days before a report is delivered is eliminated,” continues Tim Beyens.

The penetration testing industry faces several challenges. One of the most prevalent challenges is ensuring the environment remains secure during the different release cycles and changes. Further, it is necessary to ensure the environment is tested by highly skilled researchers. Also, the market value of the reviews becomes crucial when sharing with clients. According to estimates, the Penetration Testing Market was worth around US$ 1.90 billion in 2022, and it is anticipated that by 2023, around US$ 5.53 billion must have been generated, or a 16.5% rise. The most common technique for verifying the entire security posture of apps and products was and continues to be, penetration testing. Penetration testing produces incontrovertible results or flaws that are exploitable in real-world situations. The market for penetration testing is expanding due to the increase in data centers. A high degree of security in a data center is ensured by penetration testing.

However, the aforementioned challenges may have a negative impact on the industry’s growth. Therefore, the industry requires an innovative approach that addresses the specific challenges faced by the industry. NVISO addresses these challenges with a specific approach. “We enable continuous validation of environment. The team at NVISO is trained completely on the latest trends in penetration testing. A certificate is necessary for all the team members at NVISO before joining client projects. There is immense research on innovative attack techniques incorporated in our testing guides. Reports created are shared with third parties,” continues Beyens.

THE WAY AHEAD

NVISO is planning to further expand geographically to other areas, following our clients and growing organically. The firm’s clients are steadily moving toward establishing and sustaining an application security program. All facets of application security are addressed in such software. Examples include threat modeling, design reviews, DevSecOps engineering, and testing. NVISO can help its clients with all aspects of their application security program since it is a one-stop shop for application security.